The TV3 television channel on September 9 reported that unknown individuals offered several political parties to buy a database, purportedly with the contact info, including mobile phone numbers, of Latvenergo clients. The parties – not named in the report – were supposedly asked €80,000 for the database. Meanwhile Latvenergo representatives are sure that there have been…
Hackers that compromised Ticketmaster blamed for British Airways security breach
Graeme Burton reports: Researchers at security consultancy RiskIQ claim that British Airways was breached by the same group, dubbed Magecart, that compromised Ticketmaster earlier this year. And Magecart is now so prolific that RiskIQ claims to be getting hourly alerts of new websites compromised by Magecart’s malicious JavaScript code. For British Airways, though, the group customised…
UK: TV Licencing urges tens of thousands of Scottish customers to check bank statements after data security breach
Helen Knapman reports: Thousands of Scots television viewers who have entered their details on the TV Licencing website in the past few weeks are being urged to check their bank statements for suspicious transactions following a data alert. TV Licencing warns that from 29 August until around 3.20pm on 5 September 2018, some transactions carried…
Manhattan U.S. Attorney Announces Extradition Of Alleged Russian Hacker Responsible For Massive Network Intrusions At JP Morgan Chase, Other U.S. Financial Institutions, Brokerage Firms, A Major News Publication, And Other Companies
Press release of September 7: Geoffrey S. Berman, the United States Attorney for the Southern District of New York, William F. Sweeney, Jr., the Assistant Director-in-Charge of the New York Field Office of the Federal Bureau of Investigation (“FBI”), and David E. Beach, Special Agent in Charge of the U.S. Secret Service New York Field…
Click2Gov Payment System Security Breach
A reader kindly alerted me to the fact that the city of Tyler had reported a breach. When I looked into it, I see that it’s yet one more report on Click2Gov by Superion. This has been a known problem since last year, so why haven’t municipal governments updated and patched? RiskBasedSecurity had a more…
Public IP Addresses of Tor Sites Exposed via SSL Certificates
Lawrence Abrams reports: A security researcher has found a method that can be used to easily identify the public IP addresses of misconfigured dark web servers. While some feel that this researcher is attacking Tor or other similar networks, in reality he is exposing the pitfalls of not knowing how to properly configure a hidden service. One…